CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,363 vulnerabilities with CWE-352
CVE-2023-24458
HIGH
Jenkins BearyChat Plugin <3.0.2 - CSRF
CVSS 8.8
CVE-2023-24457
MEDIUM
Jenkins Keycloak Auth Plugin <2.3.0 - CSRF
CVSS 6.5
CVE-2023-24452
HIGH
Jenkins TestQuality Updater Plugin <1.3 - CSRF
CVSS 8.8
CVE-2023-24447
HIGH
Jenkins RabbitMQ Consumer Plugin <2.8 - CSRF
CVSS 8.8
CVE-2023-24446
HIGH
Jenkins OpenID Plugin < 2.4 - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-24437
HIGH
Jenkins JIRA Pipeline Steps Plugin <2.0.165.v8846cf59f3db - CSRF
CVSS 8.8
CVE-2023-24434
HIGH
Jenkins GitHub Pull Request Builder Plugin <1.42.2 - CSRF
CVSS 8.8
CVE-2023-24432
HIGH
Jenkins Orka by MacStadium Plugin <1.31 - CSRF
CVSS 8.8
CVE-2023-24428
MEDIUM
Jenkins Bitbucket OAuth Plugin <0.12 - CSRF
CVSS 5.7
CVE-2023-24423
MEDIUM
Jenkins Gerrit Trigger Plugin <2.38.0 - CSRF
CVSS 6.5
CVE-2023-0438
MEDIUM
modoboa < 2.0.4 - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-0406
MEDIUM
modoboa < 2.0.4 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-0403
MEDIUM
Social Warfare <= 4.3.1 - Cross-Site Request Forgery via Missing Nonce Validation
CVSS 5.4
CVE-2023-0398
MEDIUM
modoboa < 2.0.4 - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-0385
MEDIUM
Custom 404 Pro <= 3.7.1 - Cross-Site Request Forgery via Admin Init Function
CVSS 4.3
CVE-2023-22286
HIGH
MAHO-PBX NetDevancer < 1.11.00 - Unauthenticated Cross-Site Request Forgery
CVSS 8.1
CVE-2023-22852
MEDIUM
Tiki < 25.0 - Cross-Site Request Forgery via tiki-importer.php and tiki-import_sheet.php
CVSS 6.5
CVE-2023-0294
HIGH
Mediamatic - Media Library Folders <2.8.1 - CSRF
CVSS 8.8
CVE-2023-22472
MEDIUM
Nextcloud Desktop - Cross-Site Request Forgery via Deep Link
CVSS 5.3
CVE-2023-0088
HIGH
Swifty Page Manager <= 3.0.1 - Cross-Site Request Forgery via AJAX Actions
CVSS 8.8
CVE-2023-0086
MEDIUM
JetWidgets for Elementor <1.0.12 - CSRF
CVSS 5.4
CVE-2023-22457
CRITICAL
CKEditor Integration UI <1.64.3 - CSRF
CVSS 9.0
CVE-2022-47150
MEDIUM
WordPress WooCommerce Conversion Tracking plugin <= 2.0.10 - Cross-Site Request Forgery (CSRF) vulnerability
CVSS 4.3
CVE-2022-44630
MEDIUM
WordPress YITH WooCommerce Product Slider Carousel plugin <= 1.16.0 - Cross-Site Request Forgery (CSRF)
CVSS 4.6
CVE-2022-50955
MEDIUM
WordPress Plugin Curtain 1.0.2 Cross-site Request Forgery
CVSS 4.3
Details
Vulnerabilities
9,363
Exploit Likelihood
Medium